STIGQter: STIG Summary: IBM z/OS ACF2 Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

IBM z/OS must not have inaccessible APF libraries defined.

DISA Rule

SV-223564r533198_rule

Vulnerability Number

V-223564

Group Title

SRG-OS-000095-GPOS-00049

Rule Version

ACF2-OS-000280

Severity

CAT II

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Review the entire list of APF authorized libraries and remove those that are no longer valid designations.

Check Contents

Refer to IEASYS00 member in SYS1.PARMLIB Concatenation. Determine proper APF and/or PROG member. Examine each entry and verify that it exists on the specified volume.

If inaccessible APF libraries exist this is a finding.

ISRDDN APF

Vulnerability Number

V-223564

Documentable

False

Rule Version

ACF2-OS-000280

Severity Override Guidance

Refer to IEASYS00 member in SYS1.PARMLIB Concatenation. Determine proper APF and/or PROG member. Examine each entry and verify that it exists on the specified volume.

If inaccessible APF libraries exist this is a finding.

ISRDDN APF

Check Content Reference

M

Target Key

4100

Comments